Community mailing list archives
Re: Forum hackersby
The hackers posts were simply deleted but his account was not closed so they are back at it.
On Tue, Oct 14, 2014 at 9:42 AM, Stephen Mack <email@example.com> wrote:
Well the same security flaws will be used in our forums as well.On Tue, Oct 14, 2014 at 9:27 AM, Parthiv Patel <firstname.lastname@example.org> wrote:Seems like forum is being flooded with this kind of activity. Odoo need to appoint some one to moderate posting.On Tue, Oct 14, 2014 at 5:38 PM, Stephen Mack <email@example.com> wrote:https://www.odoo.com/forum/help-1/tag/buy-cvv-5669/questionsthere are many moreOn Tue, Oct 14, 2014 at 8:59 AM, Stephen Mack <firstname.lastname@example.org> wrote:Now the hackers are filling the forum with useless hacker tags as well.On Mon, Oct 13, 2014 at 6:02 PM, Nhomar Hernández <email@example.com> wrote:2014-10-13 16:12 GMT-04:30 Stephen Mack <firstname.lastname@example.org>:Hi odoo,It's really getting boring deleting all the hackers who are spamming the forum. Maybe some tools might be needed to help combat this.Warm regards,
I asked since the begining that authentication method for Odoo must have:- token creation for double validation.- some kind of Captcha.- spam filter with blacklist.They said it is not necesary due to the fact of... ( I don't remember ) but the first thing people does with the power is hack everything.We even need to be able to authenticate pure jsonrpc (with cookies) in order to ensure block xmlrpc interface and user/password autentication for only a group.Several things needs to be improved 1 by One I hope it is planned for V9.0Regards.----------------------
Thanks & Regards,